Question Mal-ad ware and virus nesting block diagram for further understanding (by us rookies :) )

keithnh

Just wondering if there are block diagrams anywhere that might help someone better understand how and where undesired programs are nested.

A "black box" like illustration/encyclopedia of each particular such undesirable program and how it is typically nested, possibly with recommendations to battle it.

I have many older computers .. likely many users do as we are pushed to continually upgrade. Using last computer upgraded from's full capabilities as an internet "screening" device might be an area for development, at least for us old-timers who do not need the fastest/newest.

Looks like I have a "New tab" virus that is hijacking?/affecting my browser even with my Norton 360/Ultimate Utilities software continuously grooming. I have printed out a multi-page procedure going here and there all over in my computer .. doing this and that to try to eradicate. Have a command prompt along with coming up with no command every time I turn on computer. Wish I had more background info to help understand my issues.
 
I'm afraid the list would be exhaustive and less than helpful in your situation. Unless you know the specific qualities of a particular infection.

I don't think Norton has the best reputation these days, but I haven't used anything beyond Windows defender in some years. Those tools can only prevent and remove things they already know about, if you have something new or disguised, not much to be done besides wiping the whole system.

Rootkits might exist in boot sectors or even the BIOS/firmware of your various hardware components. Not that common, but even a typical OS wipe is sometimes not enough.

I would start with tools like ComboFix (part of using ComboFix is running Anti-Malware Bytes; you can also just give that a try) and maybe something like a Bitdefender Rescue CD.
 
Which Windows OSes are you using?

What browsers?

Take a couple of screenshots showing the "New tab" that you are seeing. Post the screenshots here via imgur (www.imgur.com).


Look in Process Explorer (Microsoft, free). Any unrecognized or unknown processes?

https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer


= = = =

Undesirables can be anywhere.

Even hidden in plain sight. Trojan horse, etc.....

The first thing I would do is to remove Norton 360.

All that is needed is Windows Defender/Security and Malwarebytes (free) for occasional backup scans.

You mentioned "command prompt": are you using DOS?

What sort of things does your multi-page procedure do?

I recommend PowerShell - much more powerful with ample cmdlets, functions, and scripts.

PowerShell can be used to apply Windows Defender - likely more useful at an admin level.

FYI:

https://learn.microsoft.com/en-us/defender-endpoint/schedule-antivirus-scans-powershell

Basically run scans indirectly with and without the browser running.....

Overall though, with respect to finding files, unless there is some idea of what is being looked for, PowerShell may be of limited use.

Maybe find targeted filenames or file types in places where they should not be.
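
The Defender-from-PowerShell scan and the search for file types "in places where they should not be" suggested in the reply above, as an added example that is not part of the original post. The folder list, extension list and 30-day window are assumptions chosen for illustration.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell on Windows 10/11.
# Assumptions (illustrative only): the folders, extensions and 30-day window below.

function Invoke-DefenderCheck {
    # With a third-party suite installed, Defender is usually not the active engine.
    $status = Get-MpComputerStatus
    if (-not $status.AntivirusEnabled) {
        Write-Warning 'Defender antivirus is not the active engine; scan skipped.'
        return
    }
    Update-MpSignature                    # refresh definitions first
    Start-MpScan -ScanType QuickScan      # blocks until the scan finishes
    # Map threat IDs to names so the detection history is readable.
    $names = @{}
    Get-MpThreat | ForEach-Object { $names[$_.ThreatID] = $_.ThreatName }
    Get-MpThreatDetection | ForEach-Object {
        [pscustomobject]@{
            Detected  = $_.InitialDetectionTime
            Threat    = $names[$_.ThreatID]
            Resources = $_.Resources -join '; '
        }
    }
}

function Find-OddExecutables {
    param([int]$Days = 30)
    # User-writable locations where programs are not normally installed.
    $roots = @($env:APPDATA, $env:LOCALAPPDATA, "$env:USERPROFILE\Downloads")
    $exts  = '.exe', '.bat', '.cmd', '.vbs', '.ps1', '.scr'
    $since = (Get-Date).AddDays(-$Days)
    Get-ChildItem -Path $roots -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $exts -contains $_.Extension.ToLower() -and $_.CreationTime -ge $since } |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Created   = $_.CreationTime
                Signature = $sig.Status      # 'Valid' means signed and trusted
                Path      = $_.FullName
            }
        } | Sort-Object Created -Descending
}

# Run once with the browser open and once after closing it, then compare.
Invoke-DefenderCheck
Find-OddExecutables -Days 30 | Format-Table -AutoSize -Wrap
```

Entries listed by `Find-OddExecutables` are leads to look up, not verdicts: many legitimate per-user applications and updaters also live under `AppData`.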
 
I'm using Windows 10 and the Edge browser. Have several HP SFF boxes I like to fiddle with. This problem on an 8000 Elite C2-4 Q8400@2.66. I don't need the newest and fastest and like to try to update/fix them when possible/affordable. Have been able to for many years now without gaining too much real knowledge. Guess I believe undesirable stuff if persistent is likely to have elements somewhere in my hard drive once it begins bothering me. Or possibly have pointers/permissions changed for an external program to use at will to begin the bothering process again. I don't know really ... would be helpful to know where some of them are specifically most of the time. I'm no computer expert and find it disheartening someone would spend their time trying to make computer life miserable by creating junk to infect others with. Why?? My boxes listed below, have just learned about loading memory channels equally and that there are A and B channel DIMM sockets that should be loaded a certain way for dual channel memory to function best. I look up series number service manual, can see where my processor stands in the hierarchy and how much memory is max and what correct type/speed is. My thinking now is equal memory in white and black sockets, no need for faster than what mb will handle.
Trying to get my 5 boxes humming and groomed now, Norton 360 for 10 devices, Ultimate Utilities, Driver Update ... am now trying to figure out whether SSD drives preloaded with Win7 (would like to keep 1 win7 machine), 10 or 11 might be appropriate and possibly a viable route if I get virus-etc on current drive I can't clear in any of my boxes. Have a 500GB WD Nand SSD for the I-7 with 11 preloaded I haven't installed yet as I need a screw to secure wifi card and adaptor for the 2.5 drive. Don't know how that goes for licensing, legal installation etc with a preloaded replacement drive??? Was a bare box they said had 11.

hp sff 6000 C2-4 PC3 Q9500@2.83 has 4 just ordered 2 8's to replace for 16gb
hp sff 7900 C2-2 PC2 E-8600@3.33 has 4 just ordered 4 more for 8gb
hp sff 8000 C2-4 PC3 Q8400@2.66 has 6 will use 2 4's, 2 2's for 12gb
hp sff 8300 C-I5/3470 PC3 qv996av@3.2 has 8 just ordered 2 8's to replace for 16gb
hp ssff G4-800 C-i7 /8700 Vpro PC4 has 2 16's for 32gb